This seems very cumbersome to have copies of every single zone for every single view. That would quickly reach thousands of zones, all have to be maintained for every single change in a zone. <br><br>I'm asking, are you sure? My first venture into views was my private router at home. It has very few zones but it has two views, one intranet and one wan (internet). <br>
<br>Just to show an example, my wan view has <a href="http://domain1.se">domain1.se</a> and <a href="http://domain2.se">domain2.se</a>. My intranet view has <a href="http://domain1.se">domain1.se</a> and nothing else. <br>
<br><a href="http://domain1.se">domain1.se</a> in intranet and wan point to different IP-addresses, in intranet they're internal and in wan they're external. <br><br><a href="http://domain2.se">domain2.se</a> exists only in wan view and points to external IP-addresses. <br>
<br>If I do a query from may LAN for <a href="http://server.domain1.se">server.domain1.se</a> I get an internal IP, if I do a query from my LAN for <a href="http://domain2.se">domain2.se</a> I get an external IP. <br><br>
That means I don't have a copy of <a href="http://domain2.se">domain2.se</a> in both views, but I can still get a response from BIND for <a href="http://domain2.se">domain2.se</a> from the lan and wan views. <br><br>This is my configuration at home. <br>
<br>acl lanClients {<br> <a href="http://192.168.22.0/24">192.168.22.0/24</a>;<br> 127.0.0.1;<br>};<br><br>view "intranet" {<br> match-clients { lanClients; };<br> recursion yes;<br> notify no;<br><br> // Standard zones<br>
//<br> zone "." {<br> type hint;<br> file "etc/root.hint";<br> };<br><br> zone "<a href="http://domain1.se">domain1.se</a>" {<br> type master;<br> file "intranet/<a href="http://domain1.se">domain1.se</a>";<br>
};<br>};<br><br>view "internet" {<br> match-clients { !localnets; any; };<br> recursion no;<br> allow-transfer { slaveDNS; };<br><br> include "master.zones";<br>};<br><br>The above configuration is just a snippet but it works the way I want. One zone exists in two views, it responds differently in intranet as opposed to wan. Another zone exists only in wan yet it responds correctly both from LAN and wan. <br>
<br>I am unable to copy this configuration to two other name servers with hundreds of zones. This is my goal. <br><br><div class="gmail_quote">2012/10/22 Sten Carlsen <span dir="ltr"><<a href="mailto:stenc@s-carlsen.dk" target="_blank">stenc@s-carlsen.dk</a>></span><br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div bgcolor="#FFFFCC" text="#000000"><div><div class="h5">
<br>
<div>On 22/10/12 9:32, Stefan Midjich wrote:<br>
</div>
<blockquote type="cite">I want to have an exception for certain zones that
also exist in my main "wan" view. <br>
<br>
So I created an acl for the network that needs the exception. <br>
<br>
acl OtherNetwork {<br>
<a href="http://10.0.2.192/28" target="_blank">10.0.2.192/28</a>;<br>
};<br>
<br>
Then I made this block. <br>
<br>
view "OtherNetwork" {<br>
match-clients { OtherNetworkClients; };<br>
allow-recursion { OtherNetworkClients; };<br>
include "/etc/bind/views/othernetwork.zones";<br>
};<br>
<br>
This worked for the othernetwork.zones, but if I request any zones
outside of this view I get no response. <br>
<br>
I want requests for other zones to be forwarded to the "wan" view
where the rest of the zones are. How can I accompllish this with
Bind? The only solution I can see now is to copy and maintain
hundreds of zones for each view, there must be an easier way. <br clear="all">
</blockquote></div></div>
You should look at each view as a separate server without any
connection to the other servers.<br>
<br>
Your "OtherNetwork" server has no other information than what you
show here, your other networks will be resolved by normal recursion
from the root up.<br>
<br>
The traditional solution here is to include a copy of the other
zones here, separate files, not a reference to the same files,
specially if any kind of dynamic DNS is valid.<br>
<blockquote type="cite"><div class="im">
<br>
-- <br>
Hälsningar / Greetings<br>
<br>
Stefan Midjich<br>
[De omnibus dubitandum]<br>
<br>
<fieldset></fieldset>
<br>
</div><pre>_______________________________________________
Please visit <a href="https://lists.isc.org/mailman/listinfo/bind-users" target="_blank">https://lists.isc.org/mailman/listinfo/bind-users</a> to unsubscribe from this list
bind-users mailing list
<a href="mailto:bind-users@lists.isc.org" target="_blank">bind-users@lists.isc.org</a>
<a href="https://lists.isc.org/mailman/listinfo/bind-users" target="_blank">https://lists.isc.org/mailman/listinfo/bind-users</a></pre><span class="HOEnZb"><font color="#888888">
</font></span></blockquote><span class="HOEnZb"><font color="#888888">
<br>
<pre cols="72">--
Best regards
Sten Carlsen
No improvements come from shouting:
"MALE BOVINE MANURE!!!"
</pre>
</font></span></div>
<br>_______________________________________________<br>
Please visit <a href="https://lists.isc.org/mailman/listinfo/bind-users" target="_blank">https://lists.isc.org/mailman/listinfo/bind-users</a> to unsubscribe from this list<br>
<br>
bind-users mailing list<br>
<a href="mailto:bind-users@lists.isc.org">bind-users@lists.isc.org</a><br>
<a href="https://lists.isc.org/mailman/listinfo/bind-users" target="_blank">https://lists.isc.org/mailman/listinfo/bind-users</a><br></blockquote></div><br><br clear="all"><br>-- <br>Hälsningar / Greetings<br><br>Stefan Midjich<br>
[De omnibus dubitandum]<br>